lib: coerce -0 to +0 in various APIs

[panva]

Followup to #63531

This is not an exhaustive list of these occurences, just the ones I can remotely imagine being exposed to an untrusted user input through a web-based or CLI interface.

The tests demonstrate the process crashing before the ./lib changes.

I used Codex to find and confirm these before diving in.

[nodejs-github-bot]

Review requested:

• @nodejs/crypto
• @nodejs/net

[aduh95]

Shouldn't we update validateUint32 to reject -0 instead?

[panva]

I have no particular sympathy for either or.

[aduh95]

Having it part of the helper is probably more robust than relying on humans to remember for checking for -0

[TheOneTheOnlyJJ]

Having it part of the helper is probably more robust than relying on humans to remember for checking for -0

Maybe even have it part of all uint conversion helpers?

[panva]

we can certainly start blanket rejecting -0 from these validators in a semver-major followup if you feel like picking it up. #63531 already went the same route of this PR and is in the commit-queue

[codecov]

Codecov Report

❌ Patch coverage is 97.36842% with 2 lines in your changes missing coverage. Please review.
✅ Project coverage is 90.32%. Comparing base (cebe424) to head (ae9e27c).
⚠️ Report is 12 commits behind head on main.

Files with missing lines	Patch %	Lines
lib/internal/dns/promises.js	50.00%	2 Missing ⚠️

Additional details and impacted files

@@           Coverage Diff           @@
##             main   #63556   +/-   ##
=======================================
  Coverage   90.32%   90.32%           
=======================================
  Files         730      730           
  Lines      234653   234705   +52     
  Branches    43940    43939    -1     
=======================================
+ Hits       211953   212004   +51     
- Misses      14414    14425   +11     
+ Partials     8286     8276   -10     

Files with missing lines	Coverage Δ
lib/dns.js	98.65% <100.00%> (+0.01%)	⬆️
lib/internal/blocklist.js	91.39% <100.00%> (+0.05%)	⬆️
lib/internal/crypto/cipher.js	97.98% <100.00%> (+0.03%)	⬆️
lib/internal/crypto/diffiehellman.js	97.77% <100.00%> (+0.01%)	⬆️
lib/internal/crypto/hash.js	99.02% <100.00%> (+0.01%)	⬆️
lib/internal/crypto/hkdf.js	100.00% <100.00%> (+1.15%)	⬆️
lib/internal/crypto/keygen.js	93.49% <100.00%> (+0.47%)	⬆️
lib/internal/crypto/random.js	96.09% <100.00%> (+0.02%)	⬆️
lib/internal/dns/utils.js	99.44% <100.00%> (+<0.01%)	⬆️
lib/internal/fs/utils.js	98.44% <100.00%> (+<0.01%)	⬆️
... and 4 more

... and 45 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[ljharb]

i think fixing the C++ side also is a good idea, but can/should be done separately

[nodejs-github-bot]

CI: https://ci.nodejs.org/job/node-test-pull-request/73772/

[nodejs-github-bot]

CI: https://ci.nodejs.org/job/node-test-pull-request/73773/

[nodejs-github-bot]

CI: https://ci.nodejs.org/job/node-test-pull-request/73785/